A recent investigation by Scam Sniffer has unveiled a serious threat lurking in the search results for “Soneium,” a blockchain project by Sony.
Users searching for this Ethereum layer-2 blockchain were misled by a sponsored Google ad, which appeared to link to the project’s official site.
Instead, the ad directed them to a cleverly crafted phishing site designed to steal crypto assets.
“This ad is a perfect example of how phishing can happen to anyone,” Scam Sniffer noted in an October 22 post on X. “You might not even realise you’re a target unless you misspell ‘Soneium’ as ‘Someium.’”
The fraudulent site, which was deceptively similar to Soneium’s actual domain, masqueraded as a basic landing page for a radiology service based in the UK.
Users who unwittingly clicked the ad found themselves on a site rigged with a hidden wallet drainer, ready to siphon their cryptocurrency.
The site creators employed dynamic redirects to disguise their malicious page as legitimate, evading detection by Google.
“It’s hard to see it unless you are targeted, and that’s why Google couldn’t know [about] it,” Scam Sniffer explained.
Typically, Google phishing ads redirect users to official sites unless specifically targeted, making it easy for potential victims to overlook the warning signs.
Source: X @realScamSniffer
Just last month, Scam Sniffer had warned that another crypto platform, Polymarket, faced similar threats through sponsored ads on Google.
This alarming incident is part of a broader trend in cryptocurrency scams.
In September alone, over $46 million worth of crypto was stolen from more than 10,800 victims of phishing schemes.
In the third quarter of 2024, the total losses soared to over $127 million, with Ether wallets being the prime target for these attacks.
Scam Sniffer previously reported that scammers had netted over $4 million in just a few weeks by exploiting similar malicious phishing sites promoted on Google Search.
In addition to phishing websites, cybercriminals have expanded their arsenal with fraudulent applications.
A recent report revealed that a fake cryptocurrency wallet app, named WalletConnect, managed to deceive more than 10,000 users, resulting in $70,000 stolen from unsuspecting individuals.
This sophisticated scam, the first of its kind targeting mobile users exclusively, cleverly mimicked the reputable WalletConnect protocol to lure victims.
Meanwhile, cybersecurity firms have identified new malware threats such as the “Cthulhu Stealer,” which affects MacOS systems.
Disguised as legitimate software, this malware targets sensitive personal information, including MetaMask passwords and private keys for cold wallets.
These developments showcase the ongoing struggle faced by crypto users in a digital landscape rife with deception and malicious intent.
As scams grow more sophisticated, vigilance remains crucial.
The US DOJ has filed an antitrust lawsuit against Visa, accusing it of maintaining a debit payments monopoly. The DOJ claims Visa uses exclusivity agreements and penalties to stifle competition, forcing businesses to use its network while blocking new competitors from entering the market.
CatherineEasyA has partnered with the Web3 Foundation to launch the EasyA x Polkadot University, funded by a grant to provide workshops, hackathons, and grants aimed at fostering innovation within the Polkadot ecosystem. This initiative responds to the rising demand for Web3 professionals and seeks to educate the next generation of blockchain developers.
AnaisArchaeologists have discovered 303 new geoglyphs in the Nazca Lines of Peru using artificial intelligence, significantly enhancing the understanding of these ancient markings. This breakthrough highlights the potential of technology in archaeology, revealing new insights into the Nazca civilization and its mysterious creations.
AnaisAhead of the 26 September HMSTR token launch, Hamster Kombat announced plans for NFTs, new games, and less reliance on Telegram. By 2025, it aims to launch an NFT marketplace, host a clan championship, and start the second phase of its airdrop.
CatherinePayments giant PayPal now allows US merchants, except New York, to buy, hold, and sell crypto via their business accounts. This move expands PayPal's crypto accessibility, offering enhanced financial tools to millions of businesses.
KikyoSouth Korea is launching the Digital Asset User Protection Foundation to help users recover funds trapped in failed cryptocurrency exchanges, which have seen ten out of 22 platforms shut down. The foundation, expected to start operations in October, will coordinate with defunct exchanges to securely manage and return users' assets.
AnaisOpenAI is transitioning to a for-profit benefit corporation. Reports suggest that Sam Altman could receive a 7% equity stake, potentially valued at $10.5 billion. This prompts an important question: why are so many key insiders departing?
CatherineA Singapore court granted WazirX a four-month conditional moratorium after its July hack, which led to a $234 million loss. The exchange initially requested six months but received a shorter relief period under specific conditions to address its financial situation.
KikyoMeta is revamping its metaverse avatars with a major update launching on October 1st, allowing users to customize features like eye size and body types. Future updates will include AI-generated avatars and new options for fantasy characters, enhancing user experience in the metaverse.
JoyA scam targeting cryptocurrency investors in Hong Kong has led to losses of HK$14.8 million, with victims tricked into making transactions at fake exchange shops. One businessman lost HK$4 million after realizing he was locked inside a shop while scammers escaped with his money.
Weatherly